Industry still leery about FOIA rules

"Critical Infrastructure Protection: Significant Challenges Need to Be Addressed"

The long-time debate over whether information on system vulnerabilities that industry shares with the government should be exempted from the Freedom of Information Act may be finally coming to a head.

A House hearing July 24 was dominated by debate about a Bush administration proposal that would create what one lawmaker called a loophole in the Freedom of Information Act.

The proposal, a part of the bill to create a Homeland Security Department, would permit companies that own and operate systems that manage critical infrastructures to share information on vulnerabilities and attacks with federal officials without fear that the data would be made public through a FOIA request.

Industry officials are leery about sharing information without protections and do not believe that the current FOIA exemptions offer enough protection, officials testified. Administration officials said that companies participating in the Information Sharing and Analysis Centers (ISACs) have been reluctant to share any sensitive data.

Rep. Janice Schakowsky (D-Ill.), ranking member of the House Government Reform Committee's Government Efficiency, Financial Management and Intergovernmental Relations Subcommittee, said it is shocking that businesses are unwilling to share information that could protect the nation. "We could in fact just say that because this is so critical to national security, simply require this, rather than pander to the desires of businesses to keep information secret," she argued.

But Ronald Dick, director of the FBI's National Infrastructure Protection Center, said the private sector does not believe that the law is clear.

The administration's goal is to create a narrowly focused exemption, said John Tritak, director of the Critical Infrastructure Assurance Office. "The real goal is to create an environment where dynamic information sharing is taking place and problems can be dealt with in real time."

But Stanley Jarocki, chairman of Financial Services ISAC and vice president of information technology security for Morgan Stanley, said that many businesses believe that sharing such critical and sensitive information is too risky. Legislation may help change that.

Although "legislation alone will not solve all challenges in information sharing, it will go a long way in providing the protections industry needs as well as demonstrating the government's commitment and desire to be an active member of the information sharing process," he said.

But James Dempsey, deputy director for the Center for Democracy and Technology, a Washington, D.C., group, urged lawmakers to reject the legislation. Dempsey noted that the provision carries criminal penalties for officials who disclose information about critical infrastructure vulnerabilities.

As the House panel was discussing the issue, the Senate Governmental Affairs Committee approved the homeland security bill that includes the administration's FOIA exemption.

About the Author

Christopher J. Dorobek is the co-anchor of Federal News Radio’s afternoon drive program, The Daily Debrief with Chris Dorobek and Amy Morris, and the founder, publisher and editor of the DorobekInsider.com, a leading blog for the Federal IT community.

Dorobek joined Federal News Radio in 2008 with 16 years of experience covering government issues with an emphasis on government information technology. Prior to joining Federal News Radio, Dorobek was editor-in-chief of Federal Computer Week, the leading news magazine for government IT decision-makers and the flagship of the 1105 Government Information Group portfolio of publications. As editor-in-chief, Dorobek served as a member of the senior leadership team at 1105 Government Information Group, providing daily editorial direction and management for FCW magazine, FCW.com, Government Health IT and its other editorial products.

Dorobek joined FCW in 2001 as a senior reporter and assumed increasing responsibilities, becoming managing editor and executive editor before being named editor-in-chief in 2006. Prior to joining FCW, Dorobek was a technology reporter at PlanetGov.com, one of the first online community centers for current and former government employees. He also spent five years at Government Computer News, another leading industry publication, covering a variety of federal IT-related issues.

Dorobek is a frequent speaker on issues involving the government IT industry, and has appeared as a frequent contributor to NewsChannel 8’s Federal News Today program. He began his career as a reporter at the Foster’s Daily Democrat, a daily newspaper in Dover, N.H. He is a graduate of the University of Southern California. He lives in Washington, DC.


Featured

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.